RubyGems - ae_declarative_authorization - Versions diffs - 0.8.0 → 0.9.0 - Mend

ae_declarative_authorization 0.8.0 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

checksums.yaml +5 -5
data/Gemfile.lock +2 -2
data/README.md +24 -24
data/README.rdoc +29 -29
data/gemfiles/rails4252.gemfile.lock +29 -1
data/gemfiles/rails4271.gemfile.lock +2 -2
data/gemfiles/rails507.gemfile +1 -0
data/gemfiles/rails507.gemfile.lock +30 -2
data/gemfiles/rails516.gemfile +1 -0
data/gemfiles/rails521.gemfile +1 -0
data/gemfiles/rails521.gemfile.lock +2 -2
data/lib/declarative_authorization.rb +10 -5
data/lib/declarative_authorization/controller/dsl.rb +208 -0
data/lib/declarative_authorization/controller/grape.rb +79 -0
data/lib/declarative_authorization/controller/rails.rb +340 -0
data/lib/declarative_authorization/controller/runtime.rb +149 -0
data/lib/declarative_authorization/controller_permission.rb +82 -0
data/lib/declarative_authorization/reader.rb +2 -1
data/lib/declarative_authorization/version.rb +1 -1
data/log/test.log +36953 -12956
data/pkg/ae_declarative_authorization-0.9.0.gem +0 -0
data/pkg/ae_declarative_authorization-0.9.0.tim1.gem +0 -0
data/test/grape_api_test.rb +508 -0
data/test/profiles/access_checking +20 -0
data/test/{controller_test.rb → rails_controller_test.rb} +2 -2
data/test/test_helper.rb +14 -71
data/test/test_support/grape.rb +93 -0
data/test/test_support/rails.rb +69 -0
metadata +18 -9
data/gemfiles/rails516.gemfile.lock +0 -136
data/lib/declarative_authorization/in_controller.rb +0 -713
data/pkg/ae_declarative_authorization-0.7.1.gem +0 -0
data/pkg/ae_declarative_authorization-0.8.0.gem +0 -0

data/test/profiles/access_checking CHANGED Viewed

@@ -18,3 +18,23 @@ UsersController
 ParamsBlockArityTest::ParamsBlockArityTestController
 UsersController
 ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController

data/test/{controller_test.rb → rails_controller_test.rb} RENAMED Viewed

@@ -266,10 +266,10 @@ class LoadObjectControllerTest < ActionController::TestCase
       request!(MockUser.new(:test_role), "show", reader)
     end
-    Authorization::AuthorizationInController.failed_auto_loading_is_not_found = false
+    Authorization::Controller::Runtime.failed_auto_loading_is_not_found = false
     request!(MockUser.new(:test_role), "show", reader)
     assert !@controller.authorized?
-    Authorization::AuthorizationInController.failed_auto_loading_is_not_found = true
+    Authorization::Controller::Runtime.failed_auto_loading_is_not_found = true
   end
   def test_filter_access_with_object_load_custom

data/test/test_helper.rb CHANGED Viewed

@@ -15,21 +15,9 @@ ENV['RAILS_ENV'] = 'test'
 require 'rails/all'
 require 'test_support/minitest_compatibility'
-if Rails.version < '4.2'
-  raise "Unsupported Rails version #{Rails.version}"
-end
-puts "Testing against rails #{Rails::VERSION::STRING}"
-if Rails.version >= '5.0'
-  require 'rails-controller-testing'
-  Rails::Controller::Testing.install
-end
 DA_ROOT = Pathname.new(File.expand_path("..", File.dirname(__FILE__)))
 require DA_ROOT + File.join(%w{lib declarative_authorization authorization})
-require DA_ROOT + File.join(%w{lib declarative_authorization in_controller})
 require DA_ROOT + File.join(%w{lib declarative_authorization maintenance})
 require DA_ROOT + File.join(%w{lib declarative_authorization test helpers})
@@ -77,69 +65,12 @@ class MockUser < MockDataObject
   end
 end
-class MocksController < ActionController::Base
-  attr_accessor :current_user
-  attr_writer :authorization_engine
-  def authorized?
-    !!@authorized
-  end
-  def self.define_action_methods(*methods)
-    methods.each do |method|
-      define_method method do
-        @authorized = true
-        render :plain => 'nothing'
-      end
-    end
-  end
-  def self.define_resource_actions
-    define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
-  end
-  def logger(*args)
-    Class.new do
-      def warn(*args)
-        #p args
-      end
-      alias_method :info, :warn
-      alias_method :debug, :warn
-      def warn?; end
-      alias_method :info?, :warn?
-      alias_method :debug?, :warn?
-    end.new
-  end
-end
 class User < ActiveRecord::Base
   attr_accessor :role_symbols
   scope :visible_by, ->(user) { where(id: user.id) }
 end
-class TestApp
-  class Application < ::Rails::Application
-    config.eager_load                 = false
-    config.secret_key_base            = 'testingpurposesonly'
-    config.active_support.deprecation = :stderr
-    config.paths['config/database']   = File.expand_path('../database.yml', __FILE__)
-    config.active_support.test_order  = :random
-    initialize!
-  end
-end
-class ApplicationController < ActionController::Base
-end
-Rails.application.routes.draw do
-  match '/name/spaced_things(/:action)' => 'name/spaced_things', via: [:get, :post, :put, :patch, :delete]
-  match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things', via: [:get, :post, :put, :patch, :delete]
-  match '/:controller(/:action(/:id))', via: [:get, :post, :put, :patch, :delete]
-end
-ActionController::Base.send :include, Authorization::AuthorizationInController
 module Test
   module Unit
     class TestCase < Minitest::Test
@@ -160,10 +91,13 @@ module ActiveSupport
       ((params.delete(:clear) || []) + [:@authorized]).each do |var|
         @controller.instance_variable_set(var, nil)
       end
+      method = params.delete(:method) || :get
       if Rails.version >= '5.0'
-        get action, params: params
+        send method, action, params: params
       else
-        get action, params
+        send method, action, params
       end
     end
@@ -172,3 +106,12 @@ module ActiveSupport
     end
   end
 end
+require 'test_support/rails'
+begin
+  require 'grape'
+  require 'test_support/grape'
+rescue LoadError
+  # Grape is not defined in the gemspec so the Grape tests will not be run
+end

data/test/test_support/grape.rb ADDED Viewed

@@ -0,0 +1,93 @@
+require 'grape'
+require 'mocha/minitest'
+require DA_ROOT + File.join(%w{lib declarative_authorization controller grape})
+class ApiTestCase < ActiveSupport::TestCase
+  include Rack::Test::Methods
+  include Authorization::TestHelper
+  class << self
+    attr_accessor :api
+  end
+  attr_accessor :last_endpoint
+  def self.tests(api)
+    @api = api
+  end
+  def app
+    self.class.api
+  end
+  def request!(user, action, reader, params = {}, &block)
+    Grape::Endpoint.before_each do |endpoint|
+      self.last_endpoint = endpoint
+      engine = Authorization::Engine.new(reader)
+      endpoint.stubs(:current_user).returns(user)
+      endpoint.stubs(:authorization_engine).returns(engine)
+      ((params.delete(:clear) || []) + [:@authorized]).each do |var|
+        endpoint.instance_variable_set(var, nil)
+      end
+      yield endpoint if block_given?
+    end
+    method = params.delete(:method) || :get
+    send method, action #, params
+  end
+end
+class MocksAPI < Grape::API
+  include Authorization::Controller::Grape
+  helpers do
+    attr_accessor :authorized
+    def authorization_engine
+    end
+    def current_user
+    end
+    def authorized?
+      !!@authorized
+    end
+  end
+  def self.define_action_methods(*methods)
+    resource_name = name.to_param.underscore.gsub(/_api$/, '')
+    resources resource_name do
+      methods.each do |method|
+        get method do
+          @authorized = true
+          'nothing'
+        end
+      end
+    end
+  end
+  def self.define_resource_actions
+    define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
+  end
+  def logger(*args)
+    Class.new do
+      def warn(*args)
+        #p args
+      end
+      alias_method :info, :warn
+      alias_method :debug, :warn
+      def warn?; end
+      alias_method :info?, :warn?
+      alias_method :debug?, :warn?
+    end.new
+  end
+end
+class ApplicationAPI < ActionController::Base
+end

data/test/test_support/rails.rb ADDED Viewed

@@ -0,0 +1,69 @@
+require DA_ROOT + File.join(%w{lib declarative_authorization controller rails})
+if Rails.version < '4.2'
+  raise "Unsupported Rails version #{Rails.version}"
+end
+puts "Testing against rails #{Rails::VERSION::STRING}"
+if Rails.version >= '5.0'
+  require 'rails-controller-testing'
+  Rails::Controller::Testing.install
+end
+class TestApp
+  class Application < ::Rails::Application
+    config.eager_load                 = false
+    config.secret_key_base            = 'testingpurposesonly'
+    config.active_support.deprecation = :stderr
+    config.paths['config/database']   = File.expand_path('../../database.yml', __FILE__)
+    config.active_support.test_order  = :random
+    initialize!
+  end
+end
+class MocksController < ActionController::Base
+  attr_accessor :current_user
+  attr_writer :authorization_engine
+  def authorized?
+    !!@authorized
+  end
+  def self.define_action_methods(*methods)
+    methods.each do |method|
+      define_method method do
+        @authorized = true
+        render :plain => 'nothing'
+      end
+    end
+  end
+  def self.define_resource_actions
+    define_action_methods :index, :show, :edit, :update, :new, :create, :destroy
+  end
+  def logger(*args)
+    Class.new do
+      def warn(*args)
+        #p args
+      end
+      alias_method :info, :warn
+      alias_method :debug, :warn
+      def warn?; end
+      alias_method :info?, :warn?
+      alias_method :debug?, :warn?
+    end.new
+  end
+end
+class ApplicationController < ActionController::Base
+end
+Rails.application.routes.draw do
+  match '/name/spaced_things(/:action)' => 'name/spaced_things', via: [:get, :post, :put, :patch, :delete]
+  match '/deep/name_spaced/things(/:action)' => 'deep/name_spaced/things', via: [:get, :post, :put, :patch, :delete]
+  match '/:controller(/:action(/:id))', via: [:get, :post, :put, :patch, :delete]
+end
+ActionController::Base.send :include, Authorization::Controller::Rails

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.9.0
 platform: ruby
 authors:
 - AppFolio
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-08-17 00:00:00.000000000 Z
+date: 2018-10-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blockenspiel
@@ -69,14 +69,17 @@ files:
 - gemfiles/rails507.gemfile
 - gemfiles/rails507.gemfile.lock
 - gemfiles/rails516.gemfile
-- gemfiles/rails516.gemfile.lock
 - gemfiles/rails521.gemfile
 - gemfiles/rails521.gemfile.lock
 - init.rb
 - lib/declarative_authorization.rb
 - lib/declarative_authorization/authorization.rb
+- lib/declarative_authorization/controller/dsl.rb
+- lib/declarative_authorization/controller/grape.rb
+- lib/declarative_authorization/controller/rails.rb
+- lib/declarative_authorization/controller/runtime.rb
+- lib/declarative_authorization/controller_permission.rb
 - lib/declarative_authorization/helper.rb
-- lib/declarative_authorization/in_controller.rb
 - lib/declarative_authorization/in_model.rb
 - lib/declarative_authorization/maintenance.rb
 - lib/declarative_authorization/obligation_scope.rb
@@ -89,23 +92,26 @@ files:
 - lib/generators/authorization/rules/templates/authorization_rules.rb
 - lib/tasks/authorization_tasks.rake
 - log/test.log
-- pkg/ae_declarative_authorization-0.7.1.gem
-- pkg/ae_declarative_authorization-0.8.0.gem
+- pkg/ae_declarative_authorization-0.9.0.gem
+- pkg/ae_declarative_authorization-0.9.0.tim1.gem
 - test/authorization_test.rb
 - test/controller_filter_resource_access_test.rb
-- test/controller_test.rb
 - test/database.yml
 - test/dsl_reader_test.rb
 - test/functional/filter_access_to_with_id_in_scope_test.rb
 - test/functional/no_filter_access_to_test.rb
 - test/functional/params_block_arity_test.rb
+- test/grape_api_test.rb
 - test/helper_test.rb
 - test/maintenance_test.rb
 - test/model_test.rb
 - test/profiles/access_checking
+- test/rails_controller_test.rb
 - test/schema.sql
 - test/test_helper.rb
+- test/test_support/grape.rb
 - test/test_support/minitest_compatibility.rb
+- test/test_support/rails.rb
 homepage: http://github.com/appfolio/ae_declarative_authorization
 licenses:
 - MIT
@@ -126,7 +132,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 2.5.2
 signing_key:
 specification_version: 4
 summary: ae_declarative_authorization is a Rails gem for maintainable authorization
@@ -134,16 +140,19 @@ summary: ae_declarative_authorization is a Rails gem for maintainable authorizat
 test_files:
 - test/authorization_test.rb
 - test/controller_filter_resource_access_test.rb
-- test/controller_test.rb
 - test/database.yml
 - test/dsl_reader_test.rb
 - test/functional/filter_access_to_with_id_in_scope_test.rb
 - test/functional/no_filter_access_to_test.rb
 - test/functional/params_block_arity_test.rb
+- test/grape_api_test.rb
 - test/helper_test.rb
 - test/maintenance_test.rb
 - test/model_test.rb
 - test/profiles/access_checking
+- test/rails_controller_test.rb
 - test/schema.sql
 - test/test_helper.rb
+- test/test_support/grape.rb
 - test/test_support/minitest_compatibility.rb
+- test/test_support/rails.rb

data/gemfiles/rails516.gemfile.lock DELETED Viewed

@@ -1,136 +0,0 @@
-PATH
-  remote: ..
-  specs:
-    ae_declarative_authorization (0.7.1)
-      blockenspiel (~> 0.5.0)
-      rails (>= 4.2.5.2, < 6)
-GEM
-  remote: http://rubygems.org/
-  specs:
-    actioncable (5.1.6)
-      actionpack (= 5.1.6)
-      nio4r (~> 2.0)
-      websocket-driver (~> 0.6.1)
-    actionmailer (5.1.6)
-      actionpack (= 5.1.6)
-      actionview (= 5.1.6)
-      activejob (= 5.1.6)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 2.0)
-    actionpack (5.1.6)
-      actionview (= 5.1.6)
-      activesupport (= 5.1.6)
-      rack (~> 2.0)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.1.6)
-      activesupport (= 5.1.6)
-      builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.1.6)
-      activesupport (= 5.1.6)
-      globalid (>= 0.3.6)
-    activemodel (5.1.6)
-      activesupport (= 5.1.6)
-    activerecord (5.1.6)
-      activemodel (= 5.1.6)
-      activesupport (= 5.1.6)
-      arel (~> 8.0)
-    activesupport (5.1.6)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    appraisal (2.2.0)
-      bundler
-      rake
-      thor (>= 0.14.0)
-    arel (8.0.0)
-    blockenspiel (0.5.0)
-    builder (3.2.3)
-    concurrent-ruby (1.0.5)
-    crass (1.0.4)
-    erubi (1.7.1)
-    globalid (0.4.1)
-      activesupport (>= 4.2.0)
-    i18n (1.1.0)
-      concurrent-ruby (~> 1.0)
-    loofah (2.2.2)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    mail (2.7.0)
-      mini_mime (>= 0.1.1)
-    metaclass (0.0.4)
-    method_source (0.9.0)
-    mini_mime (1.0.1)
-    mini_portile2 (2.3.0)
-    minitest (5.11.3)
-    mocha (1.7.0)
-      metaclass (~> 0.0.1)
-    nio4r (2.3.1)
-    nokogiri (1.8.4)
-      mini_portile2 (~> 2.3.0)
-    rack (2.0.5)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rails (5.1.6)
-      actioncable (= 5.1.6)
-      actionmailer (= 5.1.6)
-      actionpack (= 5.1.6)
-      actionview (= 5.1.6)
-      activejob (= 5.1.6)
-      activemodel (= 5.1.6)
-      activerecord (= 5.1.6)
-      activesupport (= 5.1.6)
-      bundler (>= 1.3.0)
-      railties (= 5.1.6)
-      sprockets-rails (>= 2.0.0)
-    rails-controller-testing (1.0.2)
-      actionpack (~> 5.x, >= 5.0.1)
-      actionview (~> 5.x, >= 5.0.1)
-      activesupport (~> 5.x)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.4)
-      loofah (~> 2.2, >= 2.2.2)
-    railties (5.1.6)
-      actionpack (= 5.1.6)
-      activesupport (= 5.1.6)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rake (12.3.1)
-    sprockets (3.7.2)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.1)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.13)
-    thor (0.20.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
-    websocket-driver (0.6.5)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.3)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  ae_declarative_authorization!
-  appraisal (~> 2.1)
-  mocha (~> 1.0)
-  rails (= 5.1.6)
-  rails-controller-testing
-  sqlite3
-BUNDLED WITH
-   1.16.3